Re: [CentOS] Centos 6 - disabling IPv6 addressing
+1 IPv6 = solution looking for a problem. Disabled on all our systems! -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Chris Stone Sent: Monday, March 09, 2015 01:15 AM To: CentOS mailing list Subject: Re: [CentOS] Centos 6 - disabling IPv6 addressing Sorry - that should be sysctl -w net.ipv6.conf.all.accept_ra=0 to disable that, not 1. Chris On Sun, Mar 8, 2015 at 11:14 PM, Chris Stone wrote: > Try: > > sysctl -w net.ipv6.conf.all.accept_ra=1 > > to persist between boots, be sure to add this to your /etc/sysctl.conf > file. > > This should prevent the box from listening to any RA announcements. > > > Chris > > On Sun, Mar 8, 2015 at 10:55 PM, Ryan Wagoner wrote: > >> On Fri, Mar 6, 2015 at 11:52 AM, Robert Moskowitz >> >> wrote: >> >> > >> > >> > On 03/06/2015 11:00 AM, Robert Moskowitz wrote: >> > >> >> >> >> >> >> On 03/06/2015 10:55 AM, Barry Brimer wrote: >> >> >> >>> >> >>> >> >>> IPV6INIT="no" >> >> But I am still getting a global IPv6 (and of course local scope). >> >> What else do I need to do to disable the listening for RA >> announcements >> >> and setting an IPv6 global address? I do not want to reboot the box. >> >> >>> There are other modules, most notably bonding that rely on the >> >>> ipv6 module being loaded. What I do is place "options ipv6 >> >>> disable=1" in "/etc/modprobe.d/ipv6.conf". That does require a >> >>> reboot, which I know >> you >> >>> are looking to avoid, so you may want to try other methods to >> >>> remove >> your >> >>> address in the running configuration. >> >>> >> >> >> >> 'All' I need is for the system not to have a global IPv6 address. >> >> Then >> it >> >> will not try to connect to other global IPv6 systems which will >> >> reject >> the >> >> connection, as the IPv6 rDNS cannot be set, given it is a dynamic >> >> IPv6 assigned address from the ISP. >> >> >> > >> > I tried: >> > >> > # cat /etc/sysconfig/network >> > NETWORKING=yes >> > HOSTNAME=z9m9z.htt-consult.com >> > NETWORKING_IPV6=no >> > IPV6INIT=no >> > >> > >> > and 'service network restart' but still showing IPv6 addressing. >> >> >> >> I would try adding the below line to /etc/sysconfig/network. >> >> IPV6_AUTOCONF=no >> >> Ryan >> ___ >> CentOS mailing list >> CentOS@centos.org >> http://lists.centos.org/mailman/listinfo/centos >> > > > > -- > Chris Stone > AxisInternet, Inc. > www.axint.net > -- Chris Stone AxisInternet, Inc. www.axint.net ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Running the Wine emulator on CentOS 7
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/03/15 01:53, Nux! wrote: > Niki, > > There are some 32bit RPMs (slightly older) here: > http://arrfab.net/attic/RPMS/7/x86_64/ > > HTH Lucian > > -- Sent from the Delta quadrant using Borg technology! > > Nux! www.nux.ro > Damn, I built those packages initially to help someone from the family (and those aren't signed !) while hoping that EPEL would build the 32bits version, which they never did .. Tech details : those were built through mock , but against 32bits version of CentOS 7, as all required packages to init a CentOS 7 i686 buildroot are available since day #1 on http://buildlogs.centos.org I wanted then to remove those packages, but just by looking at my webserver logs, it seems more and more people are now using those wine packages :-( - -- Fabian Arrotin The CentOS Project | http://www.centos.org gpg key: 56BEC54E | twitter: @arrfab -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAlT9azcACgkQnVkHo1a+xU6cpwCdFl7Pqkcuf+2oRhtWU66IkCcT 9qkAoJqauRCPsQmGKNIDa50nUp6qAyF3 =Brxm -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Problem with ntp
Hi all, I have a problem with ntpd daemon in my CentOS7 vm. When I try to list peers, command fails: [root@c7tst ntpstats]# ntpq ntpq> pe ntpq: read: Connection refused ntpq> My actual ntp.conf: # For more information about this file, see the man pages # ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5). driftfile /var/lib/ntp/drift # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default nomodify notrap nopeer noquery # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 #restrict ::1 # Hosts on local network are less restricted. #restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap # Use public servers from the pool.ntp.org project. # Please consider joining the pool (http://www.pool.ntp.org/join.html). server 0.europe.pool.ntp.org iburst server 1.europe.pool.ntp.org iburst server 2.europe.pool.ntp.org iburst server 3.europe.pool.ntp.org iburst #broadcast 192.168.1.255 autokey# broadcast server #broadcastclient# broadcast client #broadcast 224.0.1.1 autokey# multicast server #multicastclient 224.0.1.1 # multicast client #manycastserver 239.255.254.254 # manycast server #manycastclient 239.255.254.254 autokey # manycast client # Enable public key cryptography. #crypto includefile /etc/ntp/crypto/pw # Key file containing the keys and key identifiers used when operating # with symmetric key cryptography. keys /etc/ntp/keys # Specify the key identifiers which are trusted. #trustedkey 4 8 42 # Specify the key identifier to use with the ntpdc utility. #requestkey 8 # Specify the key identifier to use with the ntpq utility. #controlkey 8 # Enable writing of statistics records. statistics clockstats cryptostats loopstats peerstats # Disable the monitoring facility to prevent amplification attacks using ntpdc # monlist command when default restrict does not include the noquery flag. See # CVE-2013-5211 for more details. # Note: Monitoring will not be disabled with the limited restriction flag. #disable monitor I have tried to disable all "restrict" statements without luck. Same ntp.conf works in my CentOS6.x hosts ... Any idea why?? (SELinux is disabled) Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problem with ntp
Hi, On Mon, Mar 9, 2015 at 4:43 PM, C.L. Martinez wrote: > Hi all, > > I have a problem with ntpd daemon in my CentOS7 vm. When I try to list > peers, command fails: > > [root@c7tst ntpstats]# ntpq > ntpq> pe > ntpq: read: Connection refused > ntpq> > > By default NTP daemon is stopped in CentOS. Please see NTP daemon is running or not? Please share the output of "netstat -nupl | grep 123" command for more information. --Regards Ashishkumar S. Yadav ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Running the Wine emulator on CentOS 7
On 03/09/2015 04:43 AM, Fabian Arrotin wrote: > On 08/03/15 01:53, Nux! wrote: >> Niki, > >> There are some 32bit RPMs (slightly older) here: >> http://arrfab.net/attic/RPMS/7/x86_64/ > >> HTH Lucian > >> -- Sent from the Delta quadrant using Borg technology! > >> Nux! www.nux.ro > > > Damn, I built those packages initially to help someone from the family > (and those aren't signed !) while hoping that EPEL would build the > 32bits version, which they never did .. > Tech details : those were built through mock , but against 32bits > version of CentOS 7, as all required packages to init a CentOS 7 i686 > buildroot are available since day #1 on http://buildlogs.centos.org > > I wanted then to remove those packages, but just by looking at my > webserver logs, it seems more and more people are now using those wine > packages :-( I was just getting ready to build those, I need them :) .. how about we put them (or newer ones, if available) in i686 extras. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problem with ntp
On 03/09/2015 11:48 AM, Ashish Yadav wrote:
Hi,
On Mon, Mar 9, 2015 at 4:43 PM, C.L. Martinez wrote:
Hi all,
I have a problem with ntpd daemon in my CentOS7 vm. When I try to list
peers, command fails:
[root@c7tst ntpstats]# ntpq
ntpq> pe
ntpq: read: Connection refused
ntpq>
By default NTP daemon is stopped in CentOS. Please see NTP daemon is
running or not?
Please share the output of "netstat -nupl | grep 123" command for more
information.
--Regards
Ashishkumar S. Yadav
Hi Ashish,
of course, ntpd daemon is running:
[root@c7tst tmp]$ ps xauw | grep ntp
ntp 8238 0.0 0.0 29360 2076 ?Ss 11:09 0:00
/usr/sbin/ntpd -u ntp:ntp -g -4
And:
[root@c7tst tmp]$ sudo ss -putan | grep 123
tcpUNCONN 0 0172.22.55.1:123
*:* users:(("ntpd",8238,18))
tcpUNCONN 0 0 127.0.0.1:123
*:* users:(("ntpd",8238,17))
tcpUNCONN 0 0 *:123
*:* users:(("ntpd",8238,16))
And /var/log/messages:
Mar 9 09:31:04 c7tst ntpd[6030]: proto: precision = 0.055 usec
Mar 9 09:31:04 c7tst ntpd[6030]: 0.0.0.0 c01d 0d kern kernel time sync
enabled
Mar 9 09:31:04 c7tst ntpd[6030]: Listen and drop on 0 v4wildcard
0.0.0.0 UDP 123
Mar 9 09:31:04 c7tst ntpd[6030]: Listen normally on 1 lo 127.0.0.1 UDP 123
Mar 9 09:31:04 c7tst ntpd[6030]: Listen normally on 2 prodif
172.22.55.1 UDP 123
Mar 9 09:31:04 c7tst ntpd[6030]: Listening on routing socket on fd #19
for interface updates
Mar 9 09:31:04 c7tst ntpd[6030]: 0.0.0.0 c016 06 restart
Mar 9 09:31:04 c7tst ntpd[6030]: 0.0.0.0 c012 02 freq_set kernel -2.019 PPM
Mar 9 09:31:05 c7tst ntpd[6030]: 0.0.0.0 c615 05 clock_sync
Mar 9 11:09:05 c7tst ntpd[6030]: ntpd exiting on signal 15
Mar 9 11:09:09 c7tst ntpd[8237]: ntpd 4.2.6p5@1.2349-o Sat Dec 20
01:24:55 UTC 2014 (1)
Mar 9 11:09:09 c7tst ntpd[8238]: proto: precision = 0.066 usec
Mar 9 11:09:09 c7tst ntpd[8238]: 0.0.0.0 c01d 0d kern kernel time sync
enabled
Mar 9 11:09:09 c7tst ntpd[8238]: Listen and drop on 0 v4wildcard
0.0.0.0 UDP 123
Mar 9 11:09:09 c7tst ntpd[8238]: Listen normally on 1 lo 127.0.0.1 UDP 123
Mar 9 11:09:09 c7tst ntpd[8238]: Listen normally on 2 prodif
172.22.55.1 UDP 123
Mar 9 11:09:09 c7tst ntpd[8238]: Listening on routing socket on fd #19
for interface updates
Mar 9 11:09:10 c7tst ntpd[8238]: 0.0.0.0 c016 06 restart
Mar 9 11:09:10 c7tst ntpd[8238]: 0.0.0.0 c012 02 freq_set kernel -1.971 PPM
Mar 9 11:09:10 c7tst ntpd[8238]: 0.0.0.0 c615 05 clock_sync
But, I am worried about two things. First in /var/log/messages:
Mar 9 11:09:09 c7tst ntpd[8238]: Listen and drop on 0 v4wildcard
0.0.0.0 UDP 123
¿¿
And second: ss output shows an "UNCONN", that means "unconnected"
Uhmmm, and I don't understand why There is no firewall or blocking
gateway between this C7 vm and Internet ...
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Running the Wine emulator on CentOS 7
Le 09/03/2015 13:02, Johnny Hughes a écrit : I was just getting ready to build those, I need them:) .. how about we put them (or newer ones, if available) in i686 extras. On a side note, I wonder when - and if - a 32-bit version of CentOS will eventually become available. I'm managing a small IT company in South France, and I have to deal with a considerable amount of legacy hardware in schools and town halls, mostly first generation Pentium IV with something like 1 GB of RAM. In general, folks are happy as long as they don't have to upgrade their hardware when moving from Windows to Linux. These old PCs may be dinosaurs, but apparently it takes a meteor strike to wipe them. At the moment this kind of hardware is running my personal blend of 32-bit Slackware Linux 14.0 or 14.1. I'm planning to install CentOS 6.x on it, but I think it would be perfectly able to run a 32-bit version of CentOS 7. Cheers, Niki -- Microlinux - Solutions informatiques 100% Linux et logiciels libres 7, place de l'église - 30730 Montpezat Web : http://www.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problem with ntp
On Mon, 9 Mar 2015, C.L. Martinez wrote: Hi all, I have a problem with ntpd daemon in my CentOS7 vm. When I try to list peers, command fails: [] [root@c7tst ntpstats]# ntpq ntpq> pe ntpq: read: Connection refused ntpq> Does "ntpq -4 -c peer" work? If so, then the problem is related to access via IPv6 and this line in ntp.conf: # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 #restrict ::1 Uncommnent the IPv6 restrict entry, restart ntpd, and try again. -- Paul Heinlein heinl...@madboa.com 45°38' N, 122°6' W___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problem with ntp
On 03/09/2015 03:42 PM, Paul Heinlein wrote: On Mon, 9 Mar 2015, C.L. Martinez wrote: Hi all, I have a problem with ntpd daemon in my CentOS7 vm. When I try to list peers, command fails: [] [root@c7tst ntpstats]# ntpq ntpq> pe ntpq: read: Connection refused ntpq> Does "ntpq -4 -c peer" work? If so, then the problem is related to access via IPv6 and this line in ntp.conf: # Permit all access over the loopback interface. This could # be tightened as well, but to do so would effect some of # the administrative functions. restrict 127.0.0.1 #restrict ::1 Uncommnent the IPv6 restrict entry, restart ntpd, and try again. Yep, using "ntpq -4", works: [root@c7tst tmp]$ ntpq -4 ntpq> pe remote refid st t when poll reach delay offset jitter == *lafkor.de 192.93.2.20 2 u5 641 64.7481.130 0.268 primary.server. 134.130.5.17 2 u4 641 83.8421.120 0.614 ntp1.warwicknet 195.66.241.102 u5 641 66.697 -1.593 0.504 ntp.univ-poitie 193.50.27.66 3 u5 641 72.149 10.225 2.323 ntpq> quit Uhmm .. Then, my problem is with Ipv6. I have disabled all IPv6 stack using ipv6_disable=1 in grub.cfg ... According to this I need to re-enable ... Correct?? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Running the Wine emulator on CentOS 7
Le 08/03/2015 01:53, Nux! a écrit : There are some 32bit RPMs (slightly older) here: http://arrfab.net/attic/RPMS/7/x86_64/ I tried to install these, but I ran into some trouble. Here's what I tried to do. I'm using the yum-priorities plugin. The official CentOS repos are configured with a priority of 1. Besides that, I'm using the EPEL and Nux-dextop third party repos, each with a priority of 10. I created an /etc/yum.repos.d/wine.repo file: [wine] enabled=1 priority=5 name=Wine repository baseurl=http://arrfab.net/attic/RPMS/7/$basearch/ gpgcheck=0 I gave it a priority of 5, since I want the wine-* packages to have precedence over those present in EPEL. But when I try this: # yum install wine ... here's what I get: === Error: Multilib version problems found. This often means that the root cause is something else and multilib version checking is just pointing out that there is a problem. Eg.: 1. You have an upgrade for openal-soft which is missing some dependency that another package requires. Yum is trying to solve this by installing an older version of openal-soft of the different architecture. If you exclude the bad architecture yum will tell you what the root cause is (which package requires what). You can try redoing the upgrade with --exclude openal-soft.otherarch ... this should give you an error message showing the root cause of the problem. 2. You have multiple architectures of openal-soft installed, but yum can only see an upgrade for one of those architectures. If you don't want/need both architectures anymore then you can remove the one with the missing update and everything will work. 3. You have duplicate versions of openal-soft installed already. You can use "yum check" to get yum show these errors. ...you can also use --setopt=protected_multilib=false to remove this checking, however this is almost never the correct thing to do as something else is very likely to go wrong (often causing much more problems). Protected multilib versions: openal-soft-1.15.1-3.el7.arrfab.i686 != openal-soft-1.16.0-2.el7.x86_64 Now before I'm wrecking my system, I thought I'd rather ask your advice. What can I do to install this Wine version cleanly? Cheers, Niki -- Microlinux - Solutions informatiques 100% Linux et logiciels libres 7, place de l'église - 30730 Montpezat Web : http://www.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problem with ntp
On Mon, 9 Mar 2015, C.L. Martinez wrote: Does "ntpq -4 -c peer" work? If so, then the problem is related to access via IPv6 and this line in ntp.conf: > # Permit all access over the loopback interface. This could > # be tightened as well, but to do so would effect some of > # the administrative functions. > restrict 127.0.0.1 > #restrict ::1 Uncommnent the IPv6 restrict entry, restart ntpd, and try again. Yep, using "ntpq -4", works [] Uhmm .. Then, my problem is with Ipv6. I have disabled all IPv6 stack using ipv6_disable=1 in grub.cfg ... According to this I need to re-enable ... Correct?? I think you'll find that IPv6 is alive and well on your machine. A quick peek will show you: /sbin/ip -6 addr In the "lo" device, you'll see the standard "::1/128" loopback address. In your ethernet devices, you'll probably see "fe80::/64" link-local addresses. All you need to do is uncomment the "restrict ::1" entry in your ntp.conf and restart ntpd. -- Paul Heinlein heinl...@madboa.com 45°38' N, 122°6' W___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] mod_clamav, apache and centos6?
I'm trying to get mod_clamav working with Apache on a CentOS 6.6 box - without much luck ... I'm using httpd 2.2.15-39.el6.centos.x86_64 with clamav 0.98.6-1.el6.x86_64 (from EPEL) and mod_clamav 0.23 compiled from source via http://software.othello.ch/mod_clamav/ The mod_clamav source hasn't been updated in nearly 6 years - so may well no longer work with more recent versions of Apache or Clamav ... Before I spend too much time on this - I was wondering if anyone has this set up working, or should I give up and try something else? Thanks James Pearson ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Fail2Ban Centos 7 is there a trick to making it work?
Been working on fail2ban, and trying to make it work with plain Jane install of Centos 7 Machine is a HP running 2 Quad core Xeons, 16 gig or ram and 1 plus TB of disk space. Very generic and vanilla. Current available epel repo version is fail2ban-0.9.1 Looking at the log file, fail2ban starts and stops fine, there isn't output though showing any login attempts being restricted. 2015-03-09 12:54:37,930 fail2ban.server [14805]: INFOStopping all jails 2015-03-09 12:54:37,931 fail2ban.server [14805]: INFOExiting Fail2ban 2015-03-09 12:54:38,338 fail2ban.server [16678]: INFOChanged logging target to /var/log/fail2ban.log for Fail2ban v0.9.1 2015-03-09 12:54:38,341 fail2ban.database [16678]: INFOConnected to fail2ban persistent database '/var/lib/fail2ban/fail2ban.sqlite3' I copied jail.conf and added the edited jail.local to the directory /etc/fail2ban/ This is about as far as I have gotten with searches on how to configure with Centos 7. Any help would be welcome. What am I missing? john ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
I have to disagree on that. NATs is the problem and I am one of the causes of that problem as one of the principals behind RFC 1918. What has happened is that HTTP has become the transport for the Internet. Very bad in a number of ways. But for another time. Perhaps. Right now I have to deal with a new ISP that was on the road to static IPv6 when somehow the lead engineer kind of stopped responding to emails and I won't find out the details until IETF later this month. On 03/09/2015 04:58 AM, Joseph L. Brunner wrote: +1 IPv6 = solution looking for a problem. Disabled on all our systems! -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Chris Stone Sent: Monday, March 09, 2015 01:15 AM To: CentOS mailing list Subject: Re: [CentOS] Centos 6 - disabling IPv6 addressing Sorry - that should be sysctl -w net.ipv6.conf.all.accept_ra=0 to disable that, not 1. Chris On Sun, Mar 8, 2015 at 11:14 PM, Chris Stone wrote: Try: sysctl -w net.ipv6.conf.all.accept_ra=1 to persist between boots, be sure to add this to your /etc/sysctl.conf file. This should prevent the box from listening to any RA announcements. Chris On Sun, Mar 8, 2015 at 10:55 PM, Ryan Wagoner wrote: On Fri, Mar 6, 2015 at 11:52 AM, Robert Moskowitz wrote: On 03/06/2015 11:00 AM, Robert Moskowitz wrote: On 03/06/2015 10:55 AM, Barry Brimer wrote: IPV6INIT="no" But I am still getting a global IPv6 (and of course local scope). What else do I need to do to disable the listening for RA announcements and setting an IPv6 global address? I do not want to reboot the box. There are other modules, most notably bonding that rely on the ipv6 module being loaded. What I do is place "options ipv6 disable=1" in "/etc/modprobe.d/ipv6.conf". That does require a reboot, which I know you are looking to avoid, so you may want to try other methods to remove your address in the running configuration. 'All' I need is for the system not to have a global IPv6 address. Then it will not try to connect to other global IPv6 systems which will reject the connection, as the IPv6 rDNS cannot be set, given it is a dynamic IPv6 assigned address from the ISP. I tried: # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=z9m9z.htt-consult.com NETWORKING_IPV6=no IPV6INIT=no and 'service network restart' but still showing IPv6 addressing. I would try adding the below line to /etc/sysconfig/network. IPV6_AUTOCONF=no Ryan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Chris Stone AxisInternet, Inc. www.axint.net -- Chris Stone AxisInternet, Inc. www.axint.net ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
On 03/09/2015 12:55 AM, Ryan Wagoner wrote: On Fri, Mar 6, 2015 at 11:52 AM, Robert Moskowitz wrote: On 03/06/2015 11:00 AM, Robert Moskowitz wrote: On 03/06/2015 10:55 AM, Barry Brimer wrote: IPV6INIT="no" But I am still getting a global IPv6 (and of course local scope). What else do I need to do to disable the listening for RA announcements and setting an IPv6 global address? I do not want to reboot the box. There are other modules, most notably bonding that rely on the ipv6 module being loaded. What I do is place "options ipv6 disable=1" in "/etc/modprobe.d/ipv6.conf". That does require a reboot, which I know you are looking to avoid, so you may want to try other methods to remove your address in the running configuration. 'All' I need is for the system not to have a global IPv6 address. Then it will not try to connect to other global IPv6 systems which will reject the connection, as the IPv6 rDNS cannot be set, given it is a dynamic IPv6 assigned address from the ISP. I tried: # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=z9m9z.htt-consult.com NETWORKING_IPV6=no IPV6INIT=no and 'service network restart' but still showing IPv6 addressing. I would try adding the below line to /etc/sysconfig/network. IPV6_AUTOCONF=no Added this, did a 'service network restart' and still seeing the IPv6 addr. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
No change after running this and trying both: system network restart ifdown eth0; ifup eth0 Still having an IPv6 addr. The box has been up for 140 days. Would like to keep it running... This box is really Redsleeve 6, which is the port of Centos 6 to arm. The kernel I am using is the F19 kernel. All of this MIGHT be contributing to things not working as they would on a 'normal' Centos box. I am awaiting the start of the Centos7-arm work ;) On 03/09/2015 01:15 AM, Chris Stone wrote: Sorry - that should be sysctl -w net.ipv6.conf.all.accept_ra=0 to disable that, not 1. Chris On Sun, Mar 8, 2015 at 11:14 PM, Chris Stone wrote: Try: sysctl -w net.ipv6.conf.all.accept_ra=1 to persist between boots, be sure to add this to your /etc/sysctl.conf file. This should prevent the box from listening to any RA announcements. Chris On Sun, Mar 8, 2015 at 10:55 PM, Ryan Wagoner wrote: On Fri, Mar 6, 2015 at 11:52 AM, Robert Moskowitz wrote: On 03/06/2015 11:00 AM, Robert Moskowitz wrote: On 03/06/2015 10:55 AM, Barry Brimer wrote: IPV6INIT="no" But I am still getting a global IPv6 (and of course local scope). What else do I need to do to disable the listening for RA announcements and setting an IPv6 global address? I do not want to reboot the box. There are other modules, most notably bonding that rely on the ipv6 module being loaded. What I do is place "options ipv6 disable=1" in "/etc/modprobe.d/ipv6.conf". That does require a reboot, which I know you are looking to avoid, so you may want to try other methods to remove your address in the running configuration. 'All' I need is for the system not to have a global IPv6 address. Then it will not try to connect to other global IPv6 systems which will reject the connection, as the IPv6 rDNS cannot be set, given it is a dynamic IPv6 assigned address from the ISP. I tried: # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=z9m9z.htt-consult.com NETWORKING_IPV6=no IPV6INIT=no and 'service network restart' but still showing IPv6 addressing. I would try adding the below line to /etc/sysconfig/network. IPV6_AUTOCONF=no Ryan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Chris Stone AxisInternet, Inc. www.axint.net ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
How about, in your /etc/sysconfig/network file adding or editing the line for IPV6 to be: NETWORKING_IPV6=no and then try a 'service network restart' and see what you get. Chris On Mon, Mar 9, 2015 at 11:52 AM, Robert Moskowitz wrote: > No change after running this and trying both: > > system network restart > > ifdown eth0; ifup eth0 > > Still having an IPv6 addr. > > The box has been up for 140 days. Would like to keep it running... > > This box is really Redsleeve 6, which is the port of Centos 6 to arm. The > kernel I am using is the F19 kernel. All of this MIGHT be contributing to > things not working as they would on a 'normal' Centos box. I am awaiting > the start of the Centos7-arm work ;) > > > On 03/09/2015 01:15 AM, Chris Stone wrote: > >> Sorry - that should be >> >> >> sysctl -w net.ipv6.conf.all.accept_ra=0 >> >> to disable that, not 1. >> >> >> Chris >> >> >> On Sun, Mar 8, 2015 at 11:14 PM, Chris Stone wrote: >> >> Try: >>> >>> sysctl -w net.ipv6.conf.all.accept_ra=1 >>> >>> to persist between boots, be sure to add this to your /etc/sysctl.conf >>> file. >>> >>> This should prevent the box from listening to any RA announcements. >>> >>> >>> Chris >>> >>> On Sun, Mar 8, 2015 at 10:55 PM, Ryan Wagoner >>> wrote: >>> >>> On Fri, Mar 6, 2015 at 11:52 AM, Robert Moskowitz wrote: > On 03/06/2015 11:00 AM, Robert Moskowitz wrote: > > >> On 03/06/2015 10:55 AM, Barry Brimer wrote: >> >> >>> IPV6INIT="no" >>> But I am still getting a global IPv6 (and of course local scope). What else do I need to do to disable the listening for RA >>> announcements > and setting an IPv6 global address? I do not want to reboot the box. There are other modules, most notably bonding that rely on the ipv6 >>> module being loaded. What I do is place "options ipv6 disable=1" in >>> "/etc/modprobe.d/ipv6.conf". That does require a reboot, which I know >>> >> you > are looking to avoid, so you may want to try other methods to remove >>> >> your > address in the running configuration. >>> >>> 'All' I need is for the system not to have a global IPv6 address. >> Then >> > it > will not try to connect to other global IPv6 systems which will reject >> > the > connection, as the IPv6 rDNS cannot be set, given it is a dynamic IPv6 >> assigned address from the ISP. >> >> I tried: > > # cat /etc/sysconfig/network > NETWORKING=yes > HOSTNAME=z9m9z.htt-consult.com > NETWORKING_IPV6=no > IPV6INIT=no > > > and 'service network restart' but still showing IPv6 addressing. > I would try adding the below line to /etc/sysconfig/network. IPV6_AUTOCONF=no Ryan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos >>> >>> -- >>> Chris Stone >>> AxisInternet, Inc. >>> www.axint.net >>> >>> >> >> > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Chris Stone AxisInternet, Inc. www.axint.net ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fail2Ban Centos 7 is there a trick to making it work?
On Mon, 9 Mar 2015, John Plemons wrote: Been working on fail2ban, and trying to make it work with plain Jane install of Centos 7 Current available epel repo version is fail2ban-0.9.1 Looking at the log file, fail2ban starts and stops fine, there isn't output though showing any login attempts being restricted. Here's the setup I use on CentOS 7 machines: Packages: * fail2ban-firewalld-0.9.1-2.el7.noarch * fail2ban-server-0.9.1-2.el7.noarch * ipset-6.19-4.el7.x86_64 * rsyslog-7.4.7-7.el7_0.x86_64 Basics of jail.local: - %< - # /etc/fail2ban/jail.local [DEFAULT] banaction = firewallcmd-ipset [sshd] enabled = true maxretry = 2 [sshd-ddos] enabled = true maxretry = 2 - %< - Once it's up and running, "sudo ipset list" will give you the status of IP addresses associated with each ban rule. -- Paul Heinlein heinl...@madboa.com 45°38' N, 122°6' W___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] install latest gcc/g++ dev tools on centos
On Sun, Feb 22, 2015 at 5:22 PM, Adekoya Adekunle wrote: > Guys, > > How can I install the latest version of gcc/g++ development tools on my > centos ? > The devtoolset is also available and it provides newer versions of gcc than what is available with the base OS. It seems that the "best" source for these packages for use with CentOS is at: http://linux.web.cern.ch/linux/devtoolset/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
On 03/09/2015 02:18 PM, Chris Stone wrote: How about, in your /etc/sysconfig/network file adding or editing the line for IPV6 to be: NETWORKING_IPV6=no One of the first things I tried. It is still in there and doing no difference. What I have is: # cat network NETWORKING=yes HOSTNAME=z9m9z.htt-consult.com NETWORKING_IPV6=no IPV6INIT=no IPV6_AUTOCONF=no and: cat network-scripts/ifcfg-eth0 DEVICE="eth0" BOOTPROTO=none ONBOOT="yes" TYPE="Ethernet" NAME="System eth0" MACADDR=02:67:15:00:00:03 MTU=1500 DNS1=50.253.254.2 DNS2=192.168.224.2 GATEWAY="50.253.254.14" IPADDR="50.253.254.3" NETMASK="255.255.255.240" HOSTNAME="z9m9z.htt-consult.com" IPV6INIT="no" I have used all the magic glue to say "no ipv6" and it just chugs along. and then try a 'service network restart' and see what you get. Chris On Mon, Mar 9, 2015 at 11:52 AM, Robert Moskowitz wrote: No change after running this and trying both: system network restart ifdown eth0; ifup eth0 Still having an IPv6 addr. The box has been up for 140 days. Would like to keep it running... This box is really Redsleeve 6, which is the port of Centos 6 to arm. The kernel I am using is the F19 kernel. All of this MIGHT be contributing to things not working as they would on a 'normal' Centos box. I am awaiting the start of the Centos7-arm work ;) On 03/09/2015 01:15 AM, Chris Stone wrote: Sorry - that should be sysctl -w net.ipv6.conf.all.accept_ra=0 to disable that, not 1. Chris On Sun, Mar 8, 2015 at 11:14 PM, Chris Stone wrote: Try: sysctl -w net.ipv6.conf.all.accept_ra=1 to persist between boots, be sure to add this to your /etc/sysctl.conf file. This should prevent the box from listening to any RA announcements. Chris On Sun, Mar 8, 2015 at 10:55 PM, Ryan Wagoner wrote: On Fri, Mar 6, 2015 at 11:52 AM, Robert Moskowitz wrote: On 03/06/2015 11:00 AM, Robert Moskowitz wrote: On 03/06/2015 10:55 AM, Barry Brimer wrote: IPV6INIT="no" But I am still getting a global IPv6 (and of course local scope). What else do I need to do to disable the listening for RA announcements and setting an IPv6 global address? I do not want to reboot the box. There are other modules, most notably bonding that rely on the ipv6 module being loaded. What I do is place "options ipv6 disable=1" in "/etc/modprobe.d/ipv6.conf". That does require a reboot, which I know you are looking to avoid, so you may want to try other methods to remove your address in the running configuration. 'All' I need is for the system not to have a global IPv6 address. Then it will not try to connect to other global IPv6 systems which will reject the connection, as the IPv6 rDNS cannot be set, given it is a dynamic IPv6 assigned address from the ISP. I tried: # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=z9m9z.htt-consult.com NETWORKING_IPV6=no IPV6INIT=no and 'service network restart' but still showing IPv6 addressing. I would try adding the below line to /etc/sysconfig/network. IPV6_AUTOCONF=no Ryan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Chris Stone AxisInternet, Inc. www.axint.net ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
On Mon, Mar 9, 2015 at 12:39 PM, Robert Moskowitz wrote: > I have to disagree on that. NATs is the problem and I am one of the causes > of that problem as one of the principals behind RFC 1918. > > > What has happened is that HTTP has become the transport for the Internet. > Very bad in a number of ways. On the contrary. NAT and HTTP are the reasons most households are connected. But now we have http 2.0 to provide some pretense of security. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
> On 03/09/2015 01:15 AM, Chris Stone wrote: >> >> sysctl -w net.ipv6.conf.all.accept_ra=0 On 03/10/2015 06:52 AM, Robert Moskowitz wrote: > No change after running this and trying both: > > system network restart it's: service network restart Try also setting these in sysctl: net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6=1 net.ipv6.conf.eth0.disable_ipv6=1 and then run: service network restart Peter ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
On 03/09/2015 03:24 PM, Peter wrote: On 03/09/2015 01:15 AM, Chris Stone wrote: sysctl -w net.ipv6.conf.all.accept_ra=0 On 03/10/2015 06:52 AM, Robert Moskowitz wrote: No change after running this and trying both: system network restart it's: service network restart Typo. My dsyelxia at work again. Try also setting these in sysctl: net.ipv6.conf.all.disable_ipv6=1 net.ipv6.conf.default.disable_ipv6=1 net.ipv6.conf.eth0.disable_ipv6=1 error: "net.ipv6.conf.eth0.disable_ipv6" is an unknown key and then run: service network restart And no more IPv6. Now to document this so I can reverse it when the time comes! thanks Peter ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
On 03/09/2015 12:52 PM, Robert Moskowitz wrote: No change after running this and trying both: system network restart ifdown eth0; ifup eth0 Still having an IPv6 addr. The box has been up for 140 days. Would like to keep it running... This box is really Redsleeve 6, which is the port of Centos 6 to arm. The kernel I am using is the F19 kernel. All of this MIGHT be contributing to things not working as they would on a 'normal' Centos box. I am awaiting the start of the Centos7-arm work ;) Hmm, I've used the information in this link in the past with good results: http://wiki.centos.org/FAQ/CentOS6#head-d47139912868bcb9d754441ecb6a8a10d41781df Don't know how this would with with Redsleeve, but with both CentOS 6 and RHEL 6 it works fine. I was able to disable IPv6 on-the-fly without a reboot using the "sysctl -w" method. Your Mileage May Vary! -- Jay Leafey - jay.lea...@mindless.com Memphis, TN ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - disabling IPv6 addressing
On 03/10/2015 08:59 AM, Robert Moskowitz wrote: > > error: "net.ipv6.conf.eth0.disable_ipv6" is an unknown key s/eth0/your_interface_name/ ...or just leave it out, it will probably work with one, or both of the other two. Peter ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] grsync for centos 7
Thanks! The Grsync package from the Nux repository does seem to work so far (3 days, light usage). Since I am obsessive about updating using yum, after installation I immediately disabled the Nux repository from updating, due to the dire warnings in the Centos documentation about the risks of using add-on repositories. So far so good. And FWIW, I do like, and use the CLI all the time. That's how I learned - using MS-DOS 3.2 on a 386sx box with 360k floppy drives. And 512k ram - what luxury! : ) On Fri, Mar 6, 2015 at 7:33 AM, Jonathan Billings wrote: > On Thu, Mar 05, 2015 at 04:30:15PM -0600, Francis Gerund wrote: > > 5) If Grsync was in centos before, why was it removed? "Because it's > not > > in RHEL." Okay, but why not? > > I can't find any evidence it was ever in RHEL or CentOS. It looks > like it's in the Nux Desktop repo and the Repoforge repo for EL5 and 6 and > Nux for EL7. > > > 6) While I do really appreciate CLI stuff, more and more I have come to > > appreciate GUI stuff. Someday, I think you too will understand. > > I really doubt that. Someday, maybe, you'll understand why some > people prefer the command line interface. > > > 7) Again, hasn't anyone installed Grsync in centos 7 from source? I > hate > > to being the "lab rat". > > The Fedora packages rebuild fine for epel7 (I just tested it), so I > would assume that'd be the best place to start if you wanted to build > your own packages. Or you could just use the Nux Desktop repo. > > See: > http://wiki.centos.org/AdditionalResources/Repositories > > -- > Jonathan Billings > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] grsync for centos 7
Francis Gerund wrote: > And FWIW, I do like, and use the CLI all the time. That's how I learned - using MS-DOS 3.2 on a 386sx box with 360k floppy drives. And 512k ram - what luxury! > > : ) You leaned on a 386 with (2?) floppy drives? I had to make do with DOS 3.0 on an 8088 w/ 2 floppy drives... and let me tell you how much fun it was to compile (I kid you not) basica, esp. with an encrypted library mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] grsync for centos 7
Upon reflection, recall that first "real" computer actually had 8088 processor (8-bit deliberately crippled version of 16-bit 8086 processor). Second one was the 386sx (16 bit deliberated-crippled version of 32-bit 386 processor). Unless you count the Timex-Sinclair 1000 (z80 processor, i/o from cassette tape storage) . Before that, at university: - IBM 370 series mainframe, in locked room, inaccessible to mere mortals. - programs entered on punch cards using key-punch machine, submitted through small window in computer room. - come back for dot-matrix printout of results Thursday. - edit program for errors, until assignment deadline passes. - rinse, lather, repeat. What fun. Is this thread getting to be [OT]? On Mon, Mar 9, 2015 at 4:36 PM, wrote: > Francis Gerund wrote: > > > And FWIW, I do like, and use the CLI all the time. That's how I learned > - using MS-DOS 3.2 on a 386sx box with 360k floppy drives. And 512k ram > - what luxury! > > > > : ) > > You leaned on a 386 with (2?) floppy drives? I had to make do with DOS 3.0 > on an 8088 w/ 2 floppy drives... and let me tell you how much fun it was > to compile (I kid you not) basica, esp. with an encrypted library > > mark > > > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Questions about panel toolbars in CentOS7
Don't know about running Centos 7 within a vm, but did you try: 1) sudo yum -v search gnome-shell-browser-plugin 2) sudo yum -v install gnome-shell-browser-plugin 3) reboot 4) try again: https://extensions.gnome.org HTH. On Sun, Mar 8, 2015 at 10:54 AM, Nux! wrote: > Then no idea, if there is no extension there permitting this functionality. > You could try the Gnome mailing lists, I am sure there's an easy way to do > it. > > HTH > Lucian > > -- > Sent from the Delta quadrant using Borg technology! > > Nux! > www.nux.ro > > - Original Message - > > From: "C. L. Martinez" > > To: "CentOS mailing list" > > Sent: Saturday, 7 March, 2015 15:46:03 > > Subject: Re: [CentOS] Questions about panel toolbars in CentOS7 > > > Uhmm ... Some example?? I am searching inside extensions.gnome.org but > > I didn't find any extension to remove or make small bottom panel ... > > > > On Sat, Mar 7, 2015 at 10:55 AM, Nux! wrote: > >> If you go to extensions.gnome.org there are various extensions that > let you do > >> that. > >> You'll need this package to be able to install them from your browsers: > >> gnome-shell-browser-plugin > >> > >> -- > >> Sent from the Delta quadrant using Borg technology! > >> > >> Nux! > >> www.nux.ro > >> > >> - Original Message - > >>> From: "C. L. Martinez" > >>> To: "CentOS mailing list" > >>> Sent: Saturday, 7 March, 2015 10:52:29 > >>> Subject: [CentOS] Questions about panel toolbars in CentOS7 > >> > >>> Hi all, > >>> > >>> I have installed a CentOS7 vm with gnome3 desktop. All it is working > >>> ok but I have two questions about configuring gnome3 environment > >>> (classic mode): > >>> > >>> a) How can I add applications launchers in the top panel toolbar? > >>> b) How can I modify bottom toolbar to make it smaller?? > >>> > >>> Thanks > >>> ___ > >>> CentOS mailing list > >>> CentOS@centos.org > >>> http://lists.centos.org/mailman/listinfo/centos > >> ___ > >> CentOS mailing list > >> CentOS@centos.org > >> http://lists.centos.org/mailman/listinfo/centos > > ___ > > CentOS mailing list > > CentOS@centos.org > > http://lists.centos.org/mailman/listinfo/centos > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Running the Wine emulator on CentOS 7
On 03/09/2015 10:00 AM, Niki Kovacs wrote: > Le 09/03/2015 13:02, Johnny Hughes a écrit : >> I was just getting ready to build those, I need them:) .. how about we >> put them (or newer ones, if available) in i686 extras. > > On a side note, I wonder when - and if - a 32-bit version of CentOS will > eventually become available. I'm managing a small IT company in South > France, and I have to deal with a considerable amount of legacy hardware > in schools and town halls, mostly first generation Pentium IV with > something like 1 GB of RAM. In general, folks are happy as long as they > don't have to upgrade their hardware when moving from Windows to Linux. > These old PCs may be dinosaurs, but apparently it takes a meteor strike > to wipe them. > > At the moment this kind of hardware is running my personal blend of > 32-bit Slackware Linux 14.0 or 14.1. I'm planning to install CentOS 6.x > on it, but I think it would be perfectly able to run a 32-bit version of > CentOS 7. We really should have this very soon after the 7.1 x86_64 release. I am building all the packages for both as we do 7.1. But, so far the new kernel is not building 32 bit :( signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Running the Wine emulator on CentOS 7
Le 10/03/2015 01:52, Johnny Hughes a écrit : We really should have this very soon after the 7.1 x86_64 release. I am building all the packages for both as we do 7.1. But, so far the new kernel is not building 32 bit:( Thank you for your quick response. I am looking forward to that very much. Out of curiosity, I gave PUIAS/Springdale a spin. They have a 32-bit version of 7, although it's not advertised anywhere, and I stumbled over it more or less by accident while searching through their repositories. It runs nice on one of my sandbox PCs. Though I'd rather have a 32-bit CentOS 7. As far as Wine is concerned, I guess the best solution will be to wait until you put a 32-bit version in [extra]. Cheers, Niki -- Microlinux - Solutions informatiques 100% Linux et logiciels libres 7, place de l'église - 30730 Montpezat Web : http://www.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
